Faster CPUs don't necessarily mean you get more than 1000 auth requests per second against the web site you're trying to brute force.